Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ebe0f44901...8.html

windows7-x64

3

ebe0f44901...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebe0f44901808f70a6d5a7e78f16ad01_JaffaCakes118.html

  • Size

    57KB

  • MD5

    ebe0f44901808f70a6d5a7e78f16ad01

  • SHA1

    5e5412ef85284442f181838fd4a6a012880ed29f

  • SHA256

    95944f5d383a8ab9356bafda0b9280475989ca81f92cb84afbf75e44d76d4924

  • SHA512

    a21c2147d8c853a496da7ee85f315ddcbcd2ba520e2a60e67aef4897ec0bcab6a442e5a68e59aa4e99f8b7e2087878d9c118bd98a9e55f8f471f3121b102b7e0

  • SSDEEP

    1536:ijEQvK8OPHdVABo2vgyHJv0owbd6zKD6CDK2RVroDMwpDK2RVy:ijnOPHdVF2vgyHJutDK2RVroDMwpDK2m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebe0f44901808f70a6d5a7e78f16ad01_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2864

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
    Filesize

    230B

    MD5

    9bf39389b465afcfe1709d826dfe7ea2

    SHA1

    65d19682cc8e522f645cd4cbd6e3a334d01beb26

    SHA256

    1d493d64098497fd6d5172b48a70ecce88ca4d95a05bef375272df24021a26e3

    SHA512

    a0ee41e771ca95afc99de7a17976a6f9ef9efb5fc0468219f0e5a00d4f2a283f73a27b2e1f4189fa4f29fc5c5fcb8ec66a1f6daca688ed43c4a689809107544e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    937fc18c6f08ff043358d11483108cdc

    SHA1

    98d5b28904611d89b4ed106be0f089d84436b50b

    SHA256

    426171759d85c76023ba1ea5a25bd7e51ad50d8dcda08305b58f57c9267a075b

    SHA512

    bda1e498362c44bab328a8571ff60b8570a6ad503f07d96d55d94294cf953db86ed98a4a095e5dd2874c13582b1f943c5bf8e7234917642cda3931147bdcbd34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9f378fce66d6132e9626ce1273b4198

    SHA1

    d3997f84f284dc7d8cf6dab0d4c6d7450ab5b11f

    SHA256

    bfa99c35edfd1accc1e8006bd7acba3b726f1fea23245b81381c2d741c70c852

    SHA512

    18ba6f4f6320507a4ffcd04b8f0bf615c9950d2e06a9b28e8a5339f3cf8134e44824c914bb45871a804b0d26bbf216f98793f066ff6948f1d415e116886312a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b09a2dd8061d4e18e65fd2f1e54565a0

    SHA1

    1280a17a1f9a1077177f88ae03531998d70211ad

    SHA256

    5011a227707fbbc5bd83f6ef491cd3d583bb98fbe3832a42533f19126ad680f7

    SHA512

    626aa2ef84885b40c701caea00e0dd4719c71e349281f1dd57325df9f71f0915256efd3140f47f698eeb8de3e1f5552394a39de47b1bbbc5c349f4a1f2401d79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72cfbfcca94619f12774e785a6dff7a7

    SHA1

    ff4cc63639dfdc0d862ce55a7c692521cbcba9e0

    SHA256

    d881456f9a841a318a6b9ac23e27a0e1411a5a848a62d5e5bba476e5981ad96b

    SHA512

    ef4f36da81ffb6563ad7871878339cbce203e8401c1bcd95fcf0c1bdbe3f06ae52b5cce0feead55746795d21cfd277287677f9daed288e272151a38532635a1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40a11154bf6d0f8555441b06f16e44d3

    SHA1

    c28a0cb77b21e96545d3b7febb52366d72e8980f

    SHA256

    e523dfdc35cf3b21429e45c8d46cc1f74e6f8cf103391d408702ed798e5f19f0

    SHA512

    e5a4ae76eeadcaaad4bd4743a5934b5a6d0920464c40eaf54dad9b31e37010df09a3567fab01edde52c945e0c8cf691c98af53b3a081904a5c6fed2b5152d106

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78e4c99950211dc07d890574e63377bc

    SHA1

    4865c67d425e6f7bfa655ac67f086694b7521a94

    SHA256

    b21885a19b838787c1c680efccbbdf521c9f4e7a5998b5271b1524f593cda09c

    SHA512

    c2bebd8c65d0b0d3d8bb95e84fb0bd63d7df60c6de83a0319fd27eb5ff5347c28d67a92dfe93cec16e4586c553941b74f22b08c0d6540117fed7161f58c9125b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3442307410fae8b2dbc79268e0b1f31

    SHA1

    72df58fd38f993a026ff1f40673908e451ec9e26

    SHA256

    356e019fc641e723e45820f89646f11dee5ac73d6ae437ee3b7e577e03b5a918

    SHA512

    8bb9eb1e9a60171d89d3f648c01f1dd2591141e3c2351ddd5572ac2cb5166ea533b2dc5ab01a7c5a836ae452793601997a50eeb1263e4642edb8485c6d30f176

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87d314ce8307ef964d970b855659d92e

    SHA1

    c75085b5b623e4db3026cadebac6a404432aa34c

    SHA256

    7c5289a847cbec37f5b1dc4218f8248cf870f95b46623e44d164d59135d5f7a9

    SHA512

    ccb9882cde63da2a9e41e90ea6a880b71dfd98204f96d470cf118f21f82341ceb86d0210ce70cb6825fef0a6eb473cc9f993b9357759d8d44483a5d6bc8023c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccf57027a61b222ed2165ec018db4830

    SHA1

    6ae39c4e534d94b3d6b8a5e585404803c1a2f881

    SHA256

    9b17a64896a7d98ae520c5b6f589919c801ccff935709c1e451ea0004e08db18

    SHA512

    62c38e44866f0f722899b0381fb32bd61c1dac7a0baa067ee18ba288d6868b173faf5378cbbeea25b5e3bb9cb496372e5fc37ea753b9ea1430a72586ce2e3e4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    310c8b01d91629d6c2e702742113b38c

    SHA1

    30c82d8bea182e44ceb0b10ba8fa0b2a708cb49c

    SHA256

    7172b237feb82a2c6fd365419269b4457df0228040e655a261f3c51429f8214a

    SHA512

    2a6f4c4555b044a4ea7f0821650956b2da4732cc7d4d415bb0b92d334268d1106c04bf7410a33910b46402bbdb7a5c7ac2ea7aaca85435c73cc4a963c214303d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe1d71460c2768d8c7124654aee294cd

    SHA1

    963e1de4793235b4d4a6c46da79e034ec09c5d38

    SHA256

    09c44dda7035ea03b0950dd89c7f20849fd9cd27fd8dc7c679e2ededa294e4c1

    SHA512

    71981e93992f0cf0da356c7f19c5b6d8d2e4236cc2f54a9ffe16c13e8ab8cded20ec6a6614b884662bdc76bf42bd696326e09b30dd2d69008c7076f07bfe941a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c532fa9494a4c4b5b2ae70d9668bcec6

    SHA1

    f98c36d97808003f69b178014e1aa0a7b576a39b

    SHA256

    ae9996e2eb842bb35bfc0df0d387edf9d6e013bbd236479ccb1b314a30d46437

    SHA512

    b5956f96dca62bd0136a9b5a531a4f5770dd12ce2f7b1d4c4bcfd73c294fa6d4ec43f595394c401dfd41c7243fe16c185e16b8ba620b7b53c42472f8931ba844

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa1af33587985e3b0d9aadfd9e04c524

    SHA1

    2c9cc10e3997833b67f8dcd070690e393a4b166d

    SHA256

    5f489efb52def76212f281da9c9d60dd3f054b3e53f169e5cd62edbb39bd99a5

    SHA512

    f07a35c68e43b6ffb912e60bba77d4ae7e86b7a2a4792a1ef7c6b607a8a23c9bdf230455776ed1490699262eef0ac287e74f137ac280e532e9c4ae6a8c85c065

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8UFEBH5\f[1].txt
    Filesize

    40KB

    MD5

    f5e8f81dbcbc85fc1c036549025a904c

    SHA1

    6fefa5d0eade53a6024beabde406ebea3777dbed

    SHA256

    932b06e8178c03311dbf89ba8ffda5972db9f8ca589697c69f86eddc48ef4e11

    SHA512

    2255a061ad27df92c3752c040bff1c35328d7d454f5b8e3ac36d0d31341644803a6a1239789f133b5f4ea7c2889f16295870aa8ee7f822eada322e223a925174

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1D14.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1DA3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit